Date: Sat, 18 Sep 1999 01:00:21 -0600 From: Wes Peters <wes@softweyr.com> To: Warner Losh <imp@village.org> Cc: Brett Glass <brett@lariat.org>, security@FreeBSD.ORG Subject: Re: BPF on in 3.3-RC GENERIC kernel Message-ID: <37E33885.B2B42D8C@softweyr.com> References: <37E32365.B9F9573B@softweyr.com> <4.2.0.58.19990917201820.046f09e0@localhost> <4.2.0.58.19990917160519.047cc890@localhost> <Your message of "Thu, 16 Sep 1999 18:54:24 MDT." <4.2.0.58.19990916185341.00aaf100@localhost> <4.2.0.58.19990916185341.00aaf100@localhost> <Pine.GSO.3.96.990916150427.5757E-100000@mission.mvnc.edu> <199909172208.QAA05554@harmony.village.org> <199909180244.UAA07013@harmony.village.org> <199909180612.AAA00597@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Warner Losh wrote:
>
> In message <37E32365.B9F9573B@softweyr.com> Wes Peters writes:
> : Worked for me. A well-written, accurate analogy too.
>
> I'll have to try again later... I'd be very interested in this. I
> personally think that schg is useful against accidental mistakes, but
> flawed in implementation.
Agreed. It's a good tool, but isn't going to stop somebody who's both
clever and dedicated. A similar facility in VMS didn't stop Kevin
Mittnick from stealing the VMS source code from my ex-boss. ;^)
> Although some of that may be due to inperfections in /etc/rc and
> friends.
I think a lot of the system startup just happened, rather than being
designed from a security standpoint. I'm attempting to land myself a
job where I would be paid to fix this, among other things. I'll let
you all know if/when it happens.
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
http://softweyr.com/ wes@softweyr.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37E33885.B2B42D8C>